
<?php
//header( 'Content-type: text/html; charset=utf-8' );
/*
 * Following code will update a product information
 * A product is identified by product id (pid)
 */

// array for JSON response
$response = array();
 
// check for required fields
if (isset($_POST['id']) && isset($_POST['TEN_DIA_DIEM']) && isset($_POST['TEN_MON_AN']) 
		&& isset($_POST['DIA_CHI']) && isset($_POST['THANH_PHO']) && isset($_POST['LATITUDE']) 
		&& isset($_POST['LONGITUDE']) && isset($_POST['unique_id']) && isset($_POST['LOAI_MON_AN_id']) ) {
	
	$fid = $_POST['id']; // id mon an
	$uid = $_POST['unique_id'];
    
	//$response["UID"] = $uid;
    $placename = $_POST['TEN_DIA_DIEM'];
    
    $foodname = $_POST['TEN_MON_AN'];
    
    $address = $_POST['DIA_CHI'];
    
    $quan_huyen = $_POST['QUAN_HUYEN'];
    
    $city = $_POST['THANH_PHO'];

    $phone = $_POST['SO_DIEN_THOAI'];
    
    $description = $_POST['MO_TA'];
    
    $type_food_id = $_POST['LOAI_MON_AN_id'];
    
    $latitude = $_POST['LATITUDE'];
    
    $longitude = $_POST['LONGITUDE'];
   
 
    // include db connect class
    require_once __DIR__ . '/db_connect.php';
 
    // connecting to db
    $db = new DB_CONNECT();
    
    $user_id = mysql_query("SELECT USERS_id FROM MON_AN WHERE id = $fid");
    $row1 = mysql_fetch_array($user_id);
    $user_id = $row1['USERS_id'];
    //$response["id user"] = $user_id;
    
    $unique_id = mysql_query("SELECT unique_id FROM USERS WHERE id = $user_id");
    $row2 = mysql_fetch_array($unique_id);
    $unique_id = $row2['unique_id'];
    //$response["unique_id"] = $unique_id;
    
    if($unique_id == $uid){
 
	    mysql_query("set names 'utf8'");
	    //header('content-type: application/json; charset=utf-8');
	   
	    if(isset($_POST['changeAddress']) && $_POST['changeAddress'] === 'true'){
		    $result = mysql_query("UPDATE MON_AN SET TEN_DIA_DIEM = '$placename', TEN_MON_AN = '$foodname',
		    		DIA_CHI = '$address', QUAN_HUYEN = '$quan_huyen',
		    		THANH_PHO = '$city', SO_DIEN_THOAI = '$phone', MO_TA = '$description', 
		    		LATITUDE = '$latitude', LONGITUDE = '$longitude', LOAI_MON_AN_id = '$type_food_id' 
		    		WHERE id = $fid");
	    } 
	    if(isset($_POST['changeAddress']) && $_POST['changeAddress'] === 'false'){
	    	$result = mysql_query("UPDATE MON_AN SET TEN_DIA_DIEM = '$placename', TEN_MON_AN = '$foodname',
	    			SO_DIEN_THOAI = '$phone', MO_TA = '$description', LOAI_MON_AN_id = '$type_food_id' 
	    			WHERE id = $fid");
	    }
	 	
	    // check if row inserted or not
	    if ($result) {
	        // successfully updated
	        $response["success"] = 1;
	        $response["message"] = "Food successfully updated.";
	 
	        // echoing JSON response
	        echo $json->encode($response);
	    } else {
	    	$response["success"] = 2;
	    	$response["message"] = "Can't update food";
	    	echo $json->encode($response);
	    }
    } else {
    	$response["success"] = 3;
    	$response["message"] = "Permission denied";
    	echo $json->encode($response);
    }
} else {
    // required field is missing
    $response["success"] = 0;
    $response["message"] = "Required field(s) is missing";
 
    // echoing JSON response
    echo json_encode($response);
}
?>
